package com.example.crowdfunding.service.impl;

import com.example.crowdfunding.entity.Admin;
import com.example.crowdfunding.entity.Role;
import com.example.crowdfunding.mvc.config.enntity.SecurityAdmin;
import com.example.crowdfunding.service.api.AdminService;
import com.example.crowdfunding.service.api.AuthorityService;
import com.example.crowdfunding.service.api.RoleService;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;

/**
 * The type Crowd user detail service.
 */
@Component
public class CrowdUserDetailServiceImpl implements UserDetailsService {

    /**
     * The Admin service.
     */
    @Resource
    AdminService adminService;
    /**
     * The Authority service.
     */
    @Resource
    AuthorityService authorityService;
    /**
     * The Role service.
     */
    @Resource
    RoleService roleService;

    /**
     * @param loginAcct 网页传入的用户名
     * @return UserDetails
     * @throws UsernameNotFoundException 异常
     */
    @Override
    public UserDetails loadUserByUsername(String loginAcct) throws UsernameNotFoundException {
        // 存放角色和权限
        List<GrantedAuthority> authorities = new ArrayList<>();

        // 1.根据loginAcct查询admin
        Admin admin = adminService.getRealAdminByAcct(loginAcct);

        // 2.查询该admin是否存在角色
        List<Role> roles = roleService.getAssignedRole(admin.getId());
        if (roles == null || roles.size() == 0) {
            throw new UsernameNotFoundException(admin.getUserName() + " 没有任何角色");
        }

        // 3.把角色名字存入authorities集合中
        for (Role role : roles) {
            // 注意必须要加  "ROLE_"
            String roleName = "ROLE_" + role.getRoleName();
            SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(roleName);
            authorities.add(simpleGrantedAuthority);
        }

        // 4.查询每个角色是否有权限
        List<Integer> auths;
        boolean flag = false;
        for (Role role : roles) {
            auths = authorityService.getAssignedAuthById(role.getId());
            if (auths != null && auths.size() > 0) {
                flag = true;
            }
        }

        if (!flag) {
            // 如果没有任何权限
            throw new UsernameNotFoundException(admin.getUserName() + " 没有任何权限");
        }
        // 5.添加权限信息到集合（这里有一个需要去重的问题（在sql语句级别就解决了这个问题））
        List<String> assignedAuths = authorityService.findAssignedAuthByAdminId(admin.getId());
        for (String auth : assignedAuths) {
            SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(auth);
            authorities.add(simpleGrantedAuthority);
        }

        // 6.封装到SecurityAdmin并返回
        return new SecurityAdmin(admin, authorities);
    }

}
